Command Line Vulnerability – ‘Shell Shock’


On September 24th, a critical flaw was announced in the GNU Bourne Again Shell—better known as Bash—which is a widely installed command interpreter used by many Linux and Unix operating systems and is included in Apple’s OS X. It was discovered by security researchers at RedHat, and is described in detail in a blog post.

Analysis of the source history of Bash shows that the vulnerabilities had existed undiscovered since 1992. The Bash vulnerability being referred to by some as ‘Shell Shock’, ‘Bashdoor’, ‘Bash bug’ allows an attacker to run a wide range of malicious code remotely. Every organisation should be scanning for this vulnerability today and patching everything they can.

Secunia warns that Shell Shock is “bigger than Heartbleed” because it enables hackers to execute commands to take over servers and systems. Heartbleed, by contrast, leaked users’ passwords and other sensitive information, and did not allow third parties to directly hijack affected systems.

You can run this below command on a terminal to check if your machine is vulnerable. The chances of it being very high.

env x='() { :;}; echo vulnerable' bash -c 'echo test'

Companies are scanning and applying the first set of patches provided to address CVE-2014-6271. Because the first patch may spawn a new vulnerability, researchers are working on another, related patch for CVE-2014-7169. However, all vulnerable devices should be remediated with the available patch, since the vulnerability it creates is much less severe than the unchecked Bash bug. Do apply when the patch for CVE-2014-7169 becomes available. Read this for more information – https://securityblog.redhat.com/